Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2000-1107

    in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.... Read more

    Affected Products : suse_linux
    • EPSS Score: %0.89
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1100

    The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET reque... Read more

    Affected Products : postaci_webmail
    • EPSS Score: %2.94
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2000-1099

    Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.... Read more

    Affected Products : jdk
    • EPSS Score: %0.60
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1112

    Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability.... Read more

    Affected Products : windows_media_player
    • EPSS Score: %2.00
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1081

    The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allo... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %6.84
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1133

    Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into the URL for a protected directory.... Read more

    Affected Products : authentix
    • EPSS Score: %0.71
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1093

    Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command.... Read more

    Affected Products : instant_messenger
    • EPSS Score: %8.46
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2000-1127

    registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the per... Read more

    Affected Products : hp-ux
    • EPSS Score: %0.53
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1084

    The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows a... Read more

    Affected Products : sql_server sql_server data_engine
    • EPSS Score: %43.14
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1097

    The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page.... Read more

    Affected Products : soho_firewall
    • EPSS Score: %0.49
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1106

    Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs.... Read more

    Affected Products : interscan_viruswall
    • EPSS Score: %0.06
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1115

    Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.... Read more

    Affected Products : 602pro_lan_suite
    • EPSS Score: %1.38
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1123

    Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands.... Read more

    Affected Products : aix
    • EPSS Score: %0.04
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2000-1148

    The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server.... Read more

    Affected Products : volanochatpro
    • EPSS Score: %0.05
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1098

    The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.... Read more

    Affected Products : soho_firewall
    • EPSS Score: %0.39
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1152

    Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.... Read more

    Affected Products : beos
    • EPSS Score: %0.58
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2000-1183

    Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request.... Read more

    Affected Products : socks_5
    • EPSS Score: %0.08
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1182

    WatchGuard Firebox II allows remote attackers to cause a denial of service by flooding the Firebox with a large number of FTP or SMTP requests, which disables proxy handling.... Read more

    Affected Products : firebox_ii
    • EPSS Score: %0.92
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2000-1139

    The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability.... Read more

    Affected Products : exchange_server
    • EPSS Score: %5.32
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2000-1171

    Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter.... Read more

    Affected Products : cgiforum
    • EPSS Score: %4.09
    • Published: Jan. 09, 2001
    • Modified: Apr. 03, 2025
Showing 20 of 291015 Results